attack is the modification of data stream to masquerade as someone else, modify messages in transit.

Example: DOS (Denial of Service)

In the case of the following security services, Integrity, discuss using an example the kind of threat that this service is designed to counteract:

Integrity of information refers to protecting information from being modified by unauthorized parties. Service - Message digests; checksums.

In the case of the following security services, Confidentiality, discuss using an example the kind of threat that this service is designed to counteract:

Confidentiality of information is protecting the information from disclosure to unauthorized parties. Encryption is used to protect data and very prominent example is SSL/TLS.

In the case of the following security services, Access Control, discuss using an example the kind of threat that this service is designed to counteract:

Access Control refers to who can access what and in what way.

Services - File permissions.

In the case of the following security services, Authentication, discuss using an example the kind of threat that this service is designed to counteract:

Authentication ensures the correct identification of entity or source of data.

Services - passwords, biometrics, digital signatures.

In the case of the following security services, Non-repudiation, discuss using an example the kind of threat that this service is designed to counteract:

Proves that communication or a transaction took place by signing the hash of a message.

What is meant by cryptanalysis?

Attempting to discover plaintext or key or both

When we say an encryption algorithm is strong, what exactly do we mean?

This means that an attacker who knows:

– the algorithm

– some pieces of ciphertext

– some plaintext-ciphertext pairs (possibly)

cannot deduce the plaintext or key.

What is the difference between a ciphertext only attack and a known plaintext attack? What is a chosen plaintext attack?

Ciphertext only– Just have ciphertext to be decoded.

Known plaintext - has one or more plaintext-ciphertext pairs.

Chosen plaintext– Can choose plaintext and get corresponding ciphertext

What are two main ways in which a cryptosystem can be attacked?

chosen plaintext attack

brute force attack

What is the difference between a block cipher and a stream cipher?

Block cipher processes a block of plaintext at a time, producing a corresponding block of ciphertext at a time (e.g. 64 or 128 bits)

– Optimised for transfer of files and non-real-time data

– Used in SSL/TLS

Stream cipher processes input continuously(e.g. one bit or one byte at a time)

– Optimised for real-time and two-way communications

– Used for mobile phone encryption

Is an unbreakable encryption scheme possible?

In theory no! Except for the one-time pad technique, which is impractical in most situations. In practice, though, it is possible to have a scheme that is effectively unbreakable. An encryption scheme is computationally secure if cost of breaking exceeds value of information.

If a symmetric encryption key is 64 bits in length, what are the chances of an attacker guessing the right key on each attempt?

Close to zero.

Give an example of an encryption scheme that can't be broken by brute force?

One-time pad cannot be broken

Outline a method that might be used to attack Monoalphabetic Substitution.

Frequency of letters in English language is well known

• Can deduce plaintext->ciphertext mapping by analysing frequency of occurrence

- Opponent generates an equal number of variations of desired fraudulent message

-50% chance of two messages being found that hash to the same value

-A is presented with the appropriate valid message for signing

-A's signature is taken from the valid message and attached to the corresponding fraudulent message (that hashes to the same value)

What precautions should one take before signing someone else's key, and why are these measures required?

A phone call to the other person to have them read their key's fingerprint. This is appropriate if you know the person and the sound of their voice. Else meet them face-to-face to exchange and ask for ID.

This is appropriate because if your key is in their machine they can add their key and maliciously replace yours.

List and briefly discuss the purpose of each components of a digital certificate.

Electronic document that binds an entity to a public key

Signed by third party called a Certificate Authority(CA)

Conforms to a standard, usually x.509

Certificate user trusts (CA) to issue valid certificates.

CA's public key may be validated by another (e.g. higher-level) CA

In what way id Diffie-Hellmann essentially different to RSA?

a)DH is used to generate asharedsecretin publicfor latersymmetric("private-key") encryption. Diffie-Hellman relies on the hardness of taking logarithms.

RSA is used tocome up witha public/private key pair forasymmetric("public-key") encryption. RSA relies on the hardness of factoring.

a)DH is used to generate asharedsecretin publicfor latersymmetric("private-key") encryption. Diffie-Hellman relies on the hardness of taking logarithms.

RSA is used tocome up witha public/private key pair forasymmetric("public-key") encryption. RSA relies on the hardness of factoring.

Explain why the security of RSA depends on the difficulty of factoring large numbers:

RSA public key contains {e , n}

RSA private key contains {d, n}

Security of RSA depends on secrecy of d

d is a function of e, p,q

Where p,q are the factors of n

Explain two major limitations of relying solely on symmetric encryption.

Firstly there’s a requirement for a shared secret key which must be exchanged between two parties: the sender and the recipient. Which means a high level of trust is needed as the process of choosing, distributing and storing keys is difficult to achieve in a dependable and secure manner. As a result, keys should be changed on a regular basis and kept secure during distribution; this process is known as key management.

Another disadvantage is that there is no provision for data origin authentication and data integrity protection. In other words, the recipient can neither authenticate the sender nor verify that the decrypted message is the same as the original message.

(ii) Encrypt the message which is 00101011 in binary using this RSA system. Show your computations in your answer.

N = p*q = (19 * 13) = 247

Φ(n)= (P – 1)*(Q – 1)

= (18)*(12) = 216

d = e-1 mod Φ(n)

= inverse of 23 mod 216

216/23 = 9

216 = 9(23) + 9

A = 96 + 9 ----- 9 = A – 96

23 = 2(9) + 5 ------- B = 2(A-96) + 5 --------- 19B – 2A

9 = 1(5) + 4 ------ A – 9B = 19B – 2A + 4

4 = 3A -28B

5= 1(4) + 1 ---- 19B – 2A = 3A -28B + 1

47B – 5A = 1

47(23) – 5 (216) = 1

47(23) MOD 216 – 5 (216) MOD 216

=1 MOD 216

-----(47)(23) MOD 216 = 1

D =(47) E = (23)

What is Bitcoin mining?

Given a string of data that you receive from peers. You basically append a random number onto that (a nonce). Use Sha -256 algorithm to get a 256 bit hash value. Take that hash value and check to see is it less than the target. If yes then you basically win a bitcoin. If no, you go back and increment the nonce. You keep incrementing the nonce until you find the hash value.

What is the disadvantage of cipher text in block mode?

It's very inefficient

Why is double-DES never used?

Encryption can be broken easily. It’s vulnerable to a particular type of attack called

“known plaintext” attack.

Modern symmetric encryption methods involve transformations using exclusive OR (XOR). What is the main benefit of this? Give and example.

When using XOR and you have a string of binary digits 10101 and you XOR it with 10111 you get 00010. Now to decrypt or get it back to the original all you have to do is XOR the answer with your encoded string and you get your original string back. Also output of XOR always depends on both inputs.

Differentiate between the use of pseudo-random numbers and true random numbers. In your answer, explain what is meant by the seed of a random number generator and list the properties that a good pseudo-random number generator should have.

Pseudo-random numbers are not really random they are gotten from a deterministic

algorithm that if is implemented properly the sequence of numbers can’t be found. Pseudo-random numbers start with a seed which could be the current time.

The seed of a random number is the number that it starts at. Whereas a truly random number is not gotten deterministically it may be taken from the environment such as noise or motion of liquid. Properties of a good random generator are Randomness and unpredictability.